
New and Improved Onion Services Will Premiere at Def Con 25

Millions of people around the world use Tor every day to protect themselves from surveillance and censorship. While the majority of people use Tor to reach ordinary websites more safely, Tor can also be used to access websites and services that live inside the Tor network. We call those onion services (formerly: hidden services).

Since onion services are part of the Tor network, both the services and the people connecting to them get more security and privacy: their traffic never leaves the network. Onion services are relied on for metadata-free chat and file sharing, safer interaction between journalists and their sources (for example through SecureDrop), safer software updates, and more secure ways to reach popular websites such as Facebook.

Preview the New Onion Services at Def Con

This Friday at Def Con, our Co-Founder and President Roger Dingledine will present our new and improved onion service design and let people try it out.

The code is in review, and the improved services are scheduled to be released in about a month. As of now, the stable version is expected in December. Check back here or on Twitter to hear about the release and try out the new onion services.

> The detention of a group of human rights defenders in Turkey for daring to learn about digital security and encryption continued last week with a brief appearance of the accused in an Istanbul court. Six were returned to jail, and four released on bail. In an additionally absurd twist, the four released activists were named in new detention orders on Friday, and are now being re-arrested.

I appeal to everyone to support Tor Project financially and in any other way they can. And I appeal to US citizens to express support for encryption generally to their political representatives. Remember: Turkey is a US ally, and the current US head of state has expressed support for Erdogan's increasingly authoritarian policies (Turkey is currently in an apparently unending "State of Emergency"; human rights orgs should plan now for the possibility that the US might follow suit, perhaps in the wake of an unprecedented natural disaster or nuclear weapons accident or cyberevent blamed on another nation).

A particularly important point about onion services is that they can be "re-purposed" to provide better authentication of web-sites to web-users, and thus enhance cybersecurity for all. In particular, it is widely agreed that PKI (to enable customers to "know" they are logging into the website of their bank, not giving up their passphrase to a phishing site) is completely and rather hopelessly broken. No fix was thought possible--- until TP pointed out that onion sites appear to provide at least a partial solution which is available right now.

(Not a TP employee, just a Tor user, so if I got anything wrong, I trust someone from TP will clarify.)

I trust RD will mention the collaboration of Tor Project with Debian Project, and offer some discussion of the issue of how to advise Debian users who are updating packages via the onion mirrors on setting up a reasonably simple, Debian-tor- and TBB-friendly "personal" firewall, i.e. one preventing unwanted outbound communications while not stepping on the toes of their Tor clients (probably at least two, one for Debian Tor and one for TBB while browsing).

Further, I wonder whether it might be technically feasible to push some of the less unfriendly major media organizations to

Presumably these companies would still want their users to sign in through Tor tunnels, which would require a drastic rethink of the whole CloudFlare model. (Ultimately I want users to be able to register and pay companies like NYT anonymously, but just now that might be a bridge too far.)

It would be necessary that companies participating in the trial would agree to run enough fast Tor nodes to make sure the network can cope with the increased load (even a trial program involving Slate would probably result in a noticeable increase in load). And it would be essential of course to try to make sure that this innovation doesn't impact anonymity for web-users who need to browse anonymously (the web generally, or the news site if not behind a paywall)--- I do not see how that might happen, but TP should try to make sure unwanted problems are not likely to result from a large number of new Tor users who are seeking cybersecurity rather than anonymity.

Further, I suspect that on-line banking, POS communications, etc, would all be safer if tunneled via Tor, provided of course that industry can be persuaded to try it and to themselves run enough fast Tor nodes to carry the (potentially) enormously increased load.

Because it is not yet known how current Tor would scale to carry all the world's web traffic (which should be the ultimate goal), all this should initially be smallish (for the media companies) proof of concept.

I cannot claim to have thought this through, just offering up a "Be Bold!" vision in which all the world's web traffic would ideally be carried by Tor network, for cybersecurity purposes, while also offering strong anonymity for those who need it.

DANE, HTTPS, the Calomel add-on (not implemented/obsolete), OCSP (???) verify/add the authenticity of the site by comparing/showing the certificate: nothing to do with Tor, Firefox, Chrome, Opera.

- Tor provides onions, but without HTTPS I should not use it.
- Tor is not on DANE AFAIK (but is it recommended?).
- Onion requires JavaScript or cookies (comment/login, e.g.), so it is not more or less safe but just more hidden, running inside a Tor tunnel: it is just a technical trick.
- JavaScript is not secure & a cookie is a tracker/backdoor risk.
- It is strange that Calomel is not on Tor Browser: incompatibility?

The more users, the safer you are, & running relays or making donations is still the better way to be involved without too much risk.

That they update their code or their config (I hope they have understood that a new language is needed!) is an important step, but even freedom of speech is becoming obsolete following a government policy of racketeering and the rise of arrogant rogue states & corrupt groups; that is especially true in the E.U.

I think the future of Tor depends on the users & their interactions with each other.

Now, there is some reason to think that currently messing with PKI in the manner illustrated by the Comodo and DigiNotar hijackings is sufficiently difficult that some governments may attempt this (particularly when targeting a foreigner) only in the case of a few "high value targets", such as prominent journalists writing about government corruption or human rights groups investigating extralegal executions. Such highly targeted hijacking using fraudulent or stolen certificates may be very hard to detect.

So how can onion services help? By making it difficult for even sophisticated attackers to deploy targeted attacks of this kind. By forcing (we hope) the bad guys either to attack everyone (which would be detected, we hope) or to abandon this kind of very dangerous attack as too risky to themselves.

(Not a TP employee, just another user, so I defer to their expertise if I said anything wrong.)
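The property the two comments above are relying on (this one and the earlier one about onion sites as a partial replacement for PKI) is that a v3 onion name is self-authenticating: the address is the service's long-term Ed25519 public key plus a checksum and a version byte, so there is no certificate authority to hijack. The following is an added example, not code from the Tor Project or from either commenter. It encodes and verifies addresses in the v3 format (base32 of PUBKEY || CHECKSUM || VERSION, with CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2] and VERSION = 0x03). The public key it uses is a constructed 32-byte stand-in, not the key of any real service; it does not attempt the Ed25519 handshake that proves possession of the matching private key, only the address-level check a client can do before connecting.

```python
"""Encode and verify Tor v3 onion addresses (added example, not Tor Project code).

A v3 address is base32(PUBKEY || CHECKSUM || VERSION) + ".onion", where
PUBKEY   = the service's 32-byte Ed25519 public key,
CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2],
VERSION  = 0x03.
Whoever holds the private key for PUBKEY owns the name; no CA is consulted.
"""
import base64
import hashlib

CHECKSUM_PREFIX = b".onion checksum"
ONION_V3_VERSION = b"\x03"
BASE32_ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"


def v3_checksum(pubkey: bytes) -> bytes:
    """Two-byte checksum binding the key to the version byte."""
    return hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + ONION_V3_VERSION).digest()[:2]


def encode_v3_onion(pubkey: bytes) -> str:
    """Build the 56-character .onion name for a 32-byte Ed25519 public key."""
    if len(pubkey) != 32:
        raise ValueError("Ed25519 public key must be 32 bytes")
    raw = pubkey + v3_checksum(pubkey) + ONION_V3_VERSION  # 35 bytes -> 56 base32 chars
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def decode_v3_onion(address: str) -> bytes:
    """Return the public key embedded in a v3 address.

    Raises ValueError if the address is malformed, carries an unexpected
    version byte, or fails its checksum (a typo or a look-alike name).
    """
    name = address.lower()
    if name.endswith(".onion"):
        name = name[: -len(".onion")]
    if len(name) != 56:
        raise ValueError("v3 onion names are 56 base32 characters")
    try:
        raw = base64.b32decode(name.upper())
    except Exception as exc:  # binascii.Error on bad characters
        raise ValueError("not valid base32") from exc
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:35]
    if version != ONION_V3_VERSION:
        raise ValueError("unsupported onion address version")
    if checksum != v3_checksum(pubkey):
        raise ValueError("checksum mismatch: address was mistyped or tampered with")
    return pubkey


def is_valid_v3_onion(address: str) -> bool:
    """Convenience wrapper: True only if the address verifies."""
    try:
        decode_v3_onion(address)
        return True
    except ValueError:
        return False


def demo_roundtrip() -> dict:
    """Encode a constructed key, then corrupt one checksum character.

    Character 52 of the name covers checksum bits only, so changing it is
    guaranteed to break verification without touching the key or version.
    """
    # Constructed stand-in for a service's Ed25519 public key (not a real service).
    demo_pubkey = hashlib.sha256(b"constructed demo key, not a real onion service").digest()
    address = encode_v3_onion(demo_pubkey)
    i = 52
    replacement = BASE32_ALPHABET[(BASE32_ALPHABET.index(address[i]) + 1) % 32]
    tampered = address[:i] + replacement + address[i + 1:]
    return {
        "pubkey": demo_pubkey,
        "address": address,
        "valid": is_valid_v3_onion(address),
        "tampered": tampered,
        "tampered_valid": is_valid_v3_onion(tampered),
    }


if __name__ == "__main__":
    result = demo_roundtrip()
    print(result["address"], "valid:", result["valid"])
    print(result["tampered"], "valid:", result["tampered_valid"])
```

The checksum only catches transcription errors and crude look-alikes; the real authentication happens when the client uses the decoded key to verify the service's descriptor and the rendezvous handshake, which is why a user still has to obtain the correct address from a trusted source.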

I cannot access mobile/tor [on Twitter]: why do you leave an unavailable link?
BTW, if you want to censor (you do) the dialogue, why do you not remove the reply tag?
How much do you [where can I find the salaries of the Tor team?] earn per year?

If you are complaining that you cannot access Twitter using (?) Tor Browser, you should provide more information about exactly what you are doing and what is the result.

Such problems may arise not from Tor Project miscoding, but from something Tor-unfriendly which Twitter (or one of their contractors) is doing.

> BTW, if you want to censor (you do) the dialogue, why do you not remove the reply tag?

If you are complaining that Tor Project "wants" to censor comments, you should probably clarify whether you are complaining about moderators removing

o obvious spam such as links to dodgy on-line pharmaceutical sites,

o comments which bear too many similarities to past (state-sponsored?) attempts to troll this blog,

o potentially controversial but arguably legitimate comments.

I believe that I sometimes encounter the last, which is unfortunate, but I've been around long enough to have some idea of how much crap would happen here if moderators did not attempt to prevent some really atrocious comments from appearing.

> How much do you [where can I find the salaries of the Tor team?] earn per year?

You want to know the salaries of individual Tor employees? Or just to obtain some sense of how they compare to "industry standards"? Because you want to apply for a job at TP?

As a privacy advocate, I find it cause for concern when, as sometimes happens, commentators seem to assume that privacy is, or should be, dead. Which IMO is an attitude contrary to the core principles of the Tor Project.

# OK: that is a correct answer but it is not a response to my question:
# e.g.: someone posts & the reply is locked _ so it is censored ... because someone does not appreciate a point of view that does not serve his/her own interest.

You ... TP?

# the more you earn, the more significant results you have, so trust = untrue
# the less you earn, the less you work, so deviance = untrue
# money is no longer a scale of the value/competence/quality/job, so how do you evaluate, and for what job(s) _even unknown(s)_, the salary of an employee/boss?

As a privacy advocate, I find it cause for concern when, as sometimes happens, commentators seem to assume that privacy is, or should be, dead. Which IMO is an attitude contrary to the core principles of the Tor Project.

# Privacy lives off the level of integrity of a democracy/republic/monarchy ... it is a genuine part of the human being in a group or a small community. In all cases, it depends on how civilized your 'partner_s' is & how deep & structured your mind is; but the world is changing every day & these assertions are moving to a new conception: privacy is useless if you cannot afford one. Tor provides an individual way to not leave privacy as the unique state-sponsored model in the hands of a universal freedom force.

Recent Updates

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.0.1-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely by the end of the month.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.0.1-alpha is the first release in the new 0.4.0.x series. It introduces improved features for power and bandwidth conservation, more accurate reporting of bootstrap progress for user interfaces, and an experimental backend for an exciting new adaptive padding feature. There is also the usual assortment of bugfixes and minor features, all described below.

Changes in version 0.4.0.1-alpha - 2019-01-18

Major features (battery management, client, dormant mode):

When Tor is running as a client, and it is unused for a long time, it can now enter a "dormant" state. When Tor is dormant, it avoids network and CPU activity until it is reawoken either by a user request or by a controller command. For more information, see the configuration options starting with "Dormant". Implements tickets 2149 and 28335.

The client's memory of whether it is "dormant", and how long it has spent idle, persists across invocations. Implements ticket 28624.

There is a DormantOnFirstStartup option that integrators can use if they expect that in many cases, Tor will be installed but not used.
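How an integrator would wire the two dormant-mode cases into a torrc, as an added example that is not part of the release notes. DormantOnFirstStartup is named above; DormantClientTimeout and DormantTimeoutDisabledByIdleStreams are the idle-timeout options I take to be the ones "starting with Dormant" in this series, and the controller wake-up is assumed to be SIGNAL ACTIVE (with SIGNAL DORMANT as its counterpart); check the tor manual and control-spec for your version before relying on those names.

```text
# torrc fragment (added example, not from the 0.4.0.1-alpha release notes)

# Case 1: Tor ships inside an application that may be installed but never used.
# Start dormant on a fresh DataDirectory; the first application request, or a
# controller sending "SIGNAL ACTIVE", wakes it. No directory fetches or
# circuits are built until then, so an unused install does not light up the
# network or the CPU.
DormantOnFirstStartup 1

# Case 2: an interactive client that should stop working when idle.
# Enter dormant mode after two hours without client activity (default is
# 24 hours; option name assumed from the manual, not quoted on this page).
DormantClientTimeout 2 hours

# Treat any open client stream as activity, so a long-lived but quiet
# connection does not get its circuits torn down underneath it.
DormantTimeoutDisabledByIdleStreams 1
```

Note that the dormant state and the accumulated idle time persist across restarts, so a client that went dormant before a reboot comes back dormant; an integrator that wants a restart to mean "the user is back" must wake it explicitly from the controller rather than assume a fresh start resets the timer.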

Major features (bootstrap reporting):

When reporting bootstrap progress, report the first connection uniformly, regardless of whether it's a connection for building application circuits. This allows finer-grained reporting of early progress than previously possible, with the improvements of ticket 27169. Closes tickets 27167 and 27103. Addresses ticket 27308.

When reporting bootstrap progress, treat connecting to a proxy or pluggable transport as separate from having successfully used that proxy or pluggable transport to connect to a relay. Closes tickets 27100 and 28884.

Tor 0.3.5.7 is the first stable release in its series; it includes compilation and portability fixes, and a fix for a severe problem affecting directory caches. Tor 0.3.4.10 and 0.3.3.11 are also released today; please see the official announcements for those releases if you are tracking older stable versions.

The Tor 0.3.5 series includes several new features and performance improvements, including client authorization for v3 onion services, cleanups to bootstrap reporting, support for improved bandwidth- measurement tools, experimental support for NSS in place of OpenSSL, and much more. It also begins a full reorganization of Tor's code layout, for improved modularity and maintainability in the future. Finally, there is the usual set of performance improvements and bugfixes that we try to do in every release series.

There are a couple of changes in the 0.3.5 that may affect compatibility. First, the default version for newly created onion services is now v3. Use the HiddenServiceVersion option if you want to override this. Second, some log messages related to bootstrapping have changed; if you use stem, you may need to update to the latest version so it will recognize them.
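The two compatibility points above in torrc form, as an added example that is not part of the release notes: pin the onion service version explicitly so the new v3 default (or a later downgrade) cannot silently change which address your users are given, and use the 0.3.5 client-authorization files so only clients holding a registered x25519 key can even fetch the descriptor. Paths and the client name `alice` are placeholders; the file formats are those of the v3 client-authorization scheme in 0.3.5, and the keys would be real base32-encoded x25519 keys, not shown here.

```text
# --- server torrc fragment (added example, not from the release notes) ---
HiddenServiceDir /var/lib/tor/example_service/
# 3 is now the default; stating it keeps the address stable across upgrades.
HiddenServiceVersion 3
HiddenServicePort 80 127.0.0.1:8080

# Client authorization: one file per authorized client, placed in
#   /var/lib/tor/example_service/authorized_clients/alice.auth
# containing exactly one line of the form
#   descriptor:x25519:<base32-encoded x25519 public key>
# With at least one such file present, the descriptor is encrypted so that
# only those clients can decrypt it; unauthorized clients cannot even learn
# the introduction points.

# --- client torrc fragment ---
# The client keeps its private keys in this directory, one file per service,
# named <anything>.auth_private and containing one line of the form
#   <56-character onion name>:descriptor:x25519:<base32-encoded x25519 private key>
ClientOnionAuthDir /var/lib/tor/onion_auth/
```

After changing either side, reload tor and check the notice log: an `.auth` file with a malformed key line is rejected at load time, which is the cheap way to confirm the keys were pasted correctly before handing the address to anyone.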

We have designated 0.3.5 as a "long-term support" (LTS) series: we will continue to patch major bugs in typical configurations of 0.3.5 until at least 1 Feb 2022. (We do not plan to provide long-term support for embedding, Rust support, NSS support, running a directory authority, or unsupported platforms. For these, you will need to stick with the latest stable release.)

Below are the changes since 0.3.5.6-rc. For a complete list of changes since 0.3.4.9, see the ReleaseNotes file.

Changes in version 0.3.5.7 - 2019-01-07

Major bugfixes (relay, directory):

Always reactivate linked connections in the main loop so long as any linked connection has been active. Previously, connections serving directory information wouldn't get reactivated after the first chunk of data was sent (usually 32KB), which would prevent clients from bootstrapping. Fixes bug 28912; bugfix on 0.3.4.1-alpha. Patch by "cypherpunks3".